IntegraMOD

[Thug Lyfe]

Well i just upgraded to 1.0.3, for some reasons, none of my admins can't delete any topics....when they click delete...it just redirects them to log in, and when they put in the password....it says 'password incorrect' even though they entered the right password

any solution?

[Adrian Rea]

firstly check all edits were made correctly, make sure you ran and install script. Did you update the includes/phpbbsecurity.php then uload?

A

[Thug Lyfe]

well everything i edited was totally correct...i replaced the files it told me to do....everything on the forum works fine, its just the admins can't delete topics that has problems

[Bush]

On my site, there is a template problem. When you're an admin and you goto delete a topic, it says "Are you sure you want to delete this, yes/no and then BELOW that is an EMPTY textbox, with no text around it.. i found that typing my password in and then clicking yes allows me to delete topics.

Hope this helps.

Bush

[Thug Lyfe]

well if my admins put thier password in....it says 'incorrect password'...so they can't delete the topics at all

[Bush]

Thug Lyfe, What template are you using?

-- You should set the sites default template to fisubice (ACP > Extreme Styles) and see if you're admins/moderators are able to delete threads using this template. If so, then it leads me to believe that there is a problem with the template!

Bush

[Thug Lyfe]

they do use fisubice....not working...still error

[DjPorkchop]

I've got the same problem. When trying to delete it says are you sure? Yes....Incorrect password. Click the back button to try agian.....This occurs in subice and powermetal both.

Correction. When logged in as board founder, I can delete post by post. If I try and delete through the moderators CP, that is when this problem occurs. At no other time does this happen. Only in mods CP.

[CopsOffDuty]

I experienced the same problem and posted it a few days ago and still no answer.

Mods (and I) click delete this topic and it then goes to the confirmation screen. After you click yes it says "General Error".

Refer to http://integramod.com/forum/viewtopic.php?t=163

Anyone comes up with anything, please let me know.

[DjPorkchop]

I went to Amods site and tried posting in the Security Support forum and it said only selected members or something like that could post in that thread.... <img> Oh well, I am still hoping someone comes up with something...I'll be waiting.

[Thug Lyfe]

glad i'm not the only one with this problem, yes only board founder can delete topics which is me...hopefully there'll be a fix to this soon

[DjPorkchop]

Well folks I got on Aods site and couldnt post any topics anywhere except for general discussion, so I did so post about our issue there. And wouln't ya know it, the subject got locked because I can only post in 1 freakin forum there, no others.. Anyhow, here is the stupid answer I got....Hope it helps. It don't amount to a hill of beans for me.....Here goes....

Oh and by the way. the support I got there is nothing compared to over here. IM2 suport team rocks!!!

MWE_001 wrote: Since this is the only forum I can post in, here goes. I have an issue with the new security mod by amod it works great except for 1 little thing. Mods can not delete posts through the mods CP. It says are you sure, click yes, and get a general error that says password is not correct. I then logged in as Board Founder and I can delete post by post. I can not how ever delete posts through the mods CP neither. A WHOLE bunch of people are looking for the answer to this problem. Hopefully I can get some help so I can help them use this great phpBB Security mod. Thx in advance. Sorry not in support post, but as stated, I can not post in any forum but this one. Thx

Amod wrote: In the download

Docs/Features.txt

#====
#==== V1.0.3
#====

-> Added protection against passing certain functions & PHP variables in a URL.

-> Added account protection for the board owner in the User Admin -> Management.

-> Added account protection for the board owner in the User Admin -> Permissions.

-> Added a password verification to the modcp.php file so anyone who possibly fakes a user
with some kind of cookie exploit, can not delete topics/posts via modcp.php.

-> Per user request, added a way to delete old DB backups directly in the ACP. This is located
in the Special section, so only the allowed admins can do this.

-> Added some guest protection. With alot of programatic DDoS programs, all the guests will have
the same ip. With this new setting, you can limit how many sessions are stored on a per IP basis
for guests.

-> Added a way to disallow users to use the same username & pass combo, if their pass matches
their username, they will have to choose a different one.

-> Added a minimum characters for a user password. This can be toggled on/off in the ACP and
the minimum is also configurable.

-> Added a way to make all users update their passwords. Basically if you choose this, the first
visit when a user returns after you doing this, they will have to update their password.

-> Fixed the error when changing passwords. Sometimes it would cause a cookie mis-match error.

-> Fixed the cookie issue from phpBB 2.0.18++.

-> Fixed the backup feature error from phpBB 2.0.18++.

-> Made it so any time a user changes their profile, they have to also verify their password,
just to make sure it is them editing their profile.

-> Removed the htaccess verification on the ACP since phpBB finally includes it.

-> Removed the extra cookie checks since phpBB finally updated theirs.

-> Added a version status to the admin index to let you know if you're up to date or not.

And if

Quote:

A WHOLE bunch of people are looking for the answer to this problem.



Where true, they should post here, as your post is the first of it kind.

Main thing is check your file edits & make sure your mods are actually inputing their password.

Now im going to lock this per the announcement about posting in the wrong forums.

Put in the right password? We get no place to put in a d#m password! Oh well.........lol anyone? If you think you can get a better answer or help support our cause please try to reply or submit a forum over there so he knows its not only me beings how my post was and i quote" the first of it's kind there" http://www.phpbb-tweaks.com

[Kat]

So far so good for me. I can delete with no issue through MCP and through the normal topic hitting the delete button at the bottom. I don't get any errors but I do have to enter my password, which I don't like, because I don't tend to use the MCP to delete topics which means I'll have to enter my pass everytime, but if there was a prob in the past with it, then I guess I'm okay with doing it for better security.

I'm having my mods check out both ways of deleting topics to see if that works

[DjPorkchop]

Well I must admit, I feel ashamed of my last post here. I went back and re did all of the edits and wouldnt ya know it, it works just fine now. Anyone having issues, recheck your edits. Found it humbled me once before over some edits. I sometimes shoot my mouth off without thinking first. I just had a bad morn. It works great.... <img> I found that if I would have used the premodded files on an unmodded board, it would have been alot smoother..lol........If anyone from the other site I mentioned is here, please accept my apologies. With that I'm out of here for today. Dun had enough... Have a nice day/night.

[found it]

Found it humbled me once before over some edits. I sometimes shoot my mouth off without thinking first.

[Thug Lyfe]

dammit.....well I don't know what to edit or change since my update was perfectly done...I have no problems anywhere on my forum except this issue

[CopsOffDuty]

OK...

So after downloading a more up-to-date release of the php security it finally it installed. Then I hit the incorrect password error. A Template issue.

If you run into the issue, I simply copied the files from the default template over to the one I am using and all it well! <img>

Hope this helps some of ya'll! Thanks everyone for your help!

[Thug Lyfe]

well thankz for the advice, but then which file am i replacing? and then my edited files wll be overwrited which might problem in the future

[DjPorkchop]

If the modcp.pjhp is not edited correctly, this is where this error is for sure coming from....

-> Added a password verification to the modcp.php file so anyone who possibly fakes a user
with some kind of cookie exploit, can not delete topics/posts via modcp.php.
Only by entering their password for verification.....

#
#-----[ OPEN ]---------------------------------------------
#
modcp.php

#
#-----[ FIND ]---------------------------------------------
# Dragonsys - Adjusted for easier find, the line which was here is located in the file multiple times
//
// Check if user did or did not confirm
// If they did not, forward them to the last page they were on
//

#
#-----[ BEFORE, ADD ]---------------------------------------------
#
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.3 =========================================================== |
#====
if ( ($mode == 'delete') && ($confirm) )
{
$pass_one = isset($HTTP_POST_VARS['phpBBSecurity_verify']) ? $HTTP_POST_VARS['phpBBSecurity_verify'] : '';
$pass_two = $userdata['user_password'];
if (md5($pass_one) != $pass_two)
message_die(GENERAL_ERROR, $lang['PS_modcp_verify_fail']);
}
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-tweaks.com] = |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |

#
#-----[ FIND ]---------------------------------------------
#
'MESSAGE_TEXT' => $lang['Confirm_delete_topic'],

#
#-----[ AFTER, ADD ]---------------------------------------------
#
#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.3 =========================================================== |
#====
'L_VERIFY' => '<br><br><span>'. $lang['PS_modcp_verify'] .' <input></span>',
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-tweaks.com] = |
#==== End: ==== phpBB Security ========================================= |
#======================================================================= |

I fixed this error with this edit correctly and all is well now. I hope this helps you. At least it did with my application. Have a nice day.......Ray

[Thug Lyfe]

hmm thankz dude, that fixed it
thankz a lot

[DjPorkchop]

I finally helped someone on IM? Lol. J/K glad it's working for ya...

[Thug Lyfe]

lol uhmm problem's not over yet
now my and every member's pm system says '1 unread message'....even though there isn't any.....solution please lol

[DjPorkchop]

That bug bit me a while back and I forgot how I got rid of it....except i allways had 28 unread messages.... <img>

[Thug Lyfe]

hmm anyone else know what's wrong?
help will be appreciated...

[Adrian Rea]

try this http://integramod.com/forum/viewtopic.php?p=5151#5151

A

[Thug Lyfe]

hmm I tried that, and searched before posting
well that didn't work for me, any other solution?

[gamesug]

I had the same problem and it was with my template. If your modcp.php file is edited perfectly make sure you do this step.

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

templates/*/confirm_body.tpl

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

</form>

-----------------------------------
----[ ADD, BEFORE ]----------------
-----------------------------------

{L_VERIFY}

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------

[Fallen]

I had the same problem and it was with my template. If your modcp.php file is edited perfectly make sure you do this step.

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

templates/*/confirm_body.tpl

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

</form>

-----------------------------------
----[ ADD, BEFORE ]----------------
-----------------------------------

{L_VERIFY}

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------

That was the fix i was looking for. Just was aware of this error today. <img> Fixed now. Thanks all!